From patchwork Wed Dec 16 12:33:22 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Adolf Belka X-Patchwork-Id: 3724 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4Cwvgp49YSz3wg1 for ; Wed, 16 Dec 2020 12:33:58 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail02.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4Cwvgm2xGnzyC; Wed, 16 Dec 2020 12:33:56 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4Cwvgj6cbgz2xfn; Wed, 16 Dec 2020 12:33:53 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4Cwvgh07pyz2xGT for ; Wed, 16 Dec 2020 12:33:52 +0000 (UTC) Received: from smtpq3.tb.mail.iss.as9143.net (smtpq3.tb.mail.iss.as9143.net [212.54.42.166]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPS id 4Cwvgf6DP1zmC for ; Wed, 16 Dec 2020 12:33:50 +0000 (UTC) Received: from [212.54.42.137] (helo=smtp6.tb.mail.iss.as9143.net) by smtpq3.tb.mail.iss.as9143.net with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kpW06-0000pm-Ek; Wed, 16 Dec 2020 13:33:50 +0100 Received: from j103033.upc-j.chello.nl ([24.132.103.33] helo=rhea.saturn.pimb.org) by smtp6.tb.mail.iss.as9143.net with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from ) id 1kpW06-003nrP-2X; Wed, 16 Dec 2020 13:33:50 +0100 Received: from hyperion.saturn.pimb.org (hyperion.saturn.pimb.org [192.168.26.32]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by rhea.saturn.pimb.org (Postfix) with ESMTPSA id 39FE03E2B; Wed, 16 Dec 2020 13:33:49 +0100 (CET) From: Adolf Belka To: development@lists.ipfire.org Subject: [PATCH] Fix for bug 10743 Date: Wed, 16 Dec 2020 13:33:22 +0100 Message-Id: <20201216123322.9680-1-ahb.ipfire@gmail.com> X-Mailer: git-send-email 2.29.2 MIME-Version: 1.0 X-SourceIP: 24.132.103.33 X-Authenticated-Sender: adolf.belka@ziggo.nl (via SMTP) X-Ziggo-spambar: / X-Ziggo-spamscore: 0.0 X-Ziggo-spamreport: CMAE Analysis: v=2.4 cv=TcEoCTch c=1 sm=1 tr=0 ts=5fd9feae a=N0UC3/faf55XGTeY5t7zSQ==:17 a=9+rZDBEiDlHhcck0kWbJtElFXBc=:19 a=IkcTkHD0fZMA:10 a=zTNgK-yGK50A:10 a=x7bEGLp0ZPQA:10 a=6yxbeI8x3IIA:10 a=pGLkceISAAAA:8 a=CBVioSj9AAAA:8 a=ZJSRYLIwhFZfZpmav48A:9 a=YpL4JOeQlCk_hjo3:21 a=cm0C5Osma6c3tDCT:21 a=yrpCl3zykdABI1e9:21 a=QEXdDO2ut3YA:10 a=nsslfl1wzC_JQ_dhAcLC:22 X-Ziggo-Spam-Status: No X-Spam-Status: No X-Spam-Flag: No ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=lists.ipfire.org; s=202003rsa; t=1608122031; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=RvesqzAbon2RZ2eknJTHyJXtv2imVhdlmcplXB1WALo=; b=kcyPsqDw9OWN0qrDakxPIf5UPeDg9aI+FYrMV+AcaRBurilmljVMptZKL154756pDjmfO7 l3qX+g5c08gU2f1P2eJ3MdikgePdzAyHs1SXEya5i+sAUZbX9BibcN+ZfzLhvVZReM5XqX RhlR0boY0XytF1mjevpma2gjEMNMi5186I6TdTHBjkltwbsDfatwHs3Qj+R8n5rtX8gSWG hdERwO4RXVvn1eVzNbD8YMoEnazjKrMez6B+Tj6pokwrlMFmhT2uS9REUk8pmO4dhPp7Yz OGSjbWwWpUK32mrgwNCghpf4JN9H68WYaj1wPmOMk25Xe8vwrMf45It7oQCA3g== ARC-Authentication-Results: i=1; mail01.ipfire.org; dkim=none; dmarc=fail reason="No valid SPF, No valid DKIM" header.from=gmail.com (policy=none); spf=softfail (mail01.ipfire.org: 212.54.42.166 is neither permitted nor denied by domain of ahbipfire@gmail.com) smtp.mailfrom=ahbipfire@gmail.com ARC-Seal: i=1; s=202003rsa; d=lists.ipfire.org; t=1608122031; a=rsa-sha256; cv=none; b=aCqzaWmp2R0uEAQ/+SX48dzOWGBtNJf/S4+gGp3P3/+201SWL7uy1VVil7+4rTUumS1XeO x7VW0hx0iiYMhaPPnYr6U2XMrKEF7iGkuXXTrRiULHWSsjKdI10deLROzen3ctTDQn0/XS ALnUR7G8X59FnVY0FDRBCggYrOwy4OEdYhZh2pO9wp88onv3kCei3K01ZfasV4qQM6ASa9 gZUicxUTPuhmkk1doz28RtbOzczg05MqvmEJcQA13FNm6kqJN8zcWv41VHwsUnWPhwAAyD 0qa/azbDBvSkevh8hNO79fsOLFEe0TSFkPIwyGpCvPiwNVGwaBgnvq04ABXQ/Q== X-Rspamd-Queue-Id: 4Cwvgf6DP1zmC Authentication-Results: mail01.ipfire.org; dkim=none; dmarc=fail reason="No valid SPF, No valid DKIM" header.from=gmail.com (policy=none); spf=softfail (mail01.ipfire.org: 212.54.42.166 is neither permitted nor denied by domain of ahbipfire@gmail.com) smtp.mailfrom=ahbipfire@gmail.com X-Rspamd-Server: mail01.haj.ipfire.org X-Spamd-Result: default: False [-4.82 / 11.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; IP_REPUTATION_HAM(-1.72)[asn: 33915(-0.25), country: NL(0.00), ip: 212.54.42.166(-0.61)]; RWL_MAILSPIKE_GOOD(0.00)[212.54.42.166:from]; ARC_SIGNED(0.00)[lists.ipfire.org:s=202003rsa:i=1]; R_SPF_SOFTFAIL(0.00)[~all]; RCVD_COUNT_THREE(0.00)[4]; RCPT_COUNT_TWO(0.00)[2]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:33915, ipnet:212.54.32.0/20, country:NL]; TAGGED_FROM(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; HAS_X_AS(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[212.54.42.166:from]; FROM_HAS_DN(0.00)[]; BAYES_HAM(-3.00)[99.99%]; TAGGED_RCPT(0.00)[]; MIME_GOOD(-0.10)[text/plain]; RECEIVED_SPAMHAUS_PBL(0.00)[24.132.103.33:received]; TO_MATCH_ENVRCPT_SOME(0.00)[]; FREEMAIL_CC(0.00)[gmail.com]; RCVD_TLS_ALL(0.00)[]; DMARC_POLICY_SOFTFAIL(0.10)[gmail.com : No valid SPF, No valid DKIM,none] X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" This adds in the option to have "deny known clients" in dhcpd.conf This is applied to the range command so applies to the dynamic addresses given. If you have just a range statement say in blue then if you are not using vlans you could have the situation where a known host in green might end up getting a lease from the blue range. Here a deny known-clients makes sense. Your range in this case would be limited to only unknown clients if deny known-clients was selected. dhcp WUI has been modified to add in this command. Error message has been added to check that a range has been specified if the deny unknown clients checkbox has been selected. Language files updated with additional items (English, German & Dutch). For more information on the history of this please see the bugzilla entry Signed-off-by: Adolf Belka --- doc/language_issues.en | 2 ++ doc/language_issues.es | 2 ++ doc/language_issues.fr | 2 ++ doc/language_issues.it | 2 ++ doc/language_issues.pl | 2 ++ doc/language_issues.ru | 2 ++ doc/language_issues.tr | 2 ++ doc/language_missings | 12 ++++++++++++ html/cgi-bin/dhcp.cgi | 19 ++++++++++++++++++- langs/de/cgi-bin/de.pl | 2 ++ langs/en/cgi-bin/en.pl | 2 ++ langs/nl/cgi-bin/nl.pl | 2 ++ 12 files changed, 50 insertions(+), 1 deletion(-) diff --git a/doc/language_issues.en b/doc/language_issues.en index b3c46de5e..3955d3ae7 100644 --- a/doc/language_issues.en +++ b/doc/language_issues.en @@ -574,6 +574,7 @@ WARNING: untranslated string: dhcp advopt value = Option value WARNING: untranslated string: dhcp allow bootp = Allow bootp clients WARNING: untranslated string: dhcp bootp pxe data = Enter optional bootp pxe data for this fixed lease WARNING: untranslated string: dhcp configuration = DHCP configuration +WARNING: untranslated string: dhcp deny known clients: = Deny known clients: WARNING: untranslated string: dhcp dns enable update = Enable DNS Update (RFC2136): WARNING: untranslated string: dhcp dns key name = Key Name WARNING: untranslated string: dhcp dns update = DNS Update @@ -582,6 +583,7 @@ WARNING: untranslated string: dhcp dns update secret = Secret WARNING: untranslated string: dhcp server = DHCP Server WARNING: untranslated string: dhcp server disabled = DHCP server disabled. Stopped. WARNING: untranslated string: dhcp server enabled = DHCP server enabled. Restarting. +WARNING: untranslated string: dhcp valid range required when deny known clients checked = Valid range required when "Deny known clients:" is checked WARNING: untranslated string: dhcp-options = DHCP push options WARNING: untranslated string: dial = Connect WARNING: untranslated string: dial profile = Connect with profile diff --git a/doc/language_issues.es b/doc/language_issues.es index 9f62f03f2..2cd36a5a1 100644 --- a/doc/language_issues.es +++ b/doc/language_issues.es @@ -886,11 +886,13 @@ WARNING: untranslated string: dh key move failed = Diffie-Hellman parameters mov WARNING: untranslated string: dh key warn = Creating DH-parameters with a length of 2048 bits takes up to several minutes. Lengths of 3072 or 4096 bits might needs several hours. Please be patient. WARNING: untranslated string: dh key warn1 = For weak systems or systems with little entropy, it is recommended to upload long Diffie-Hellman parameters by usage of the upload function. WARNING: untranslated string: dh parameter = Diffie-Hellman parameters +WARNING: untranslated string: dhcp deny known clients: = Deny known clients: WARNING: untranslated string: dhcp dns enable update = Enable DNS Update (RFC2136): WARNING: untranslated string: dhcp dns key name = Key Name WARNING: untranslated string: dhcp dns update = DNS Update WARNING: untranslated string: dhcp dns update algo = Algorithm WARNING: untranslated string: dhcp dns update secret = Secret +WARNING: untranslated string: dhcp valid range required when deny known clients checked = Valid range required when "Deny known clients:" is checked WARNING: untranslated string: disable = Disable WARNING: untranslated string: disconnected = Disconnected WARNING: untranslated string: dl client arch insecure = Download insecure Client Package (zip) diff --git a/doc/language_issues.fr b/doc/language_issues.fr index 90a745360..279e1ba37 100644 --- a/doc/language_issues.fr +++ b/doc/language_issues.fr @@ -879,6 +879,8 @@ WARNING: translation string unused: zoneconf val vlan tag assignment error WARNING: translation string unused: zoneconf val zoneslave amount error WARNING: untranslated string: asn lookup failed = AS lookup failed WARNING: untranslated string: autonomous system = Autonomous System +WARNING: untranslated string: dhcp deny known clients: = Deny known clients: +WARNING: untranslated string: dhcp valid range required when deny known clients checked = Valid range required when "Deny known clients:" is checked WARNING: untranslated string: dns enable safe-search youtube = Include YouTube in Safe Search WARNING: untranslated string: fwhost cust locationgrp = unknown string WARNING: untranslated string: fwhost err hostip = unknown string diff --git a/doc/language_issues.it b/doc/language_issues.it index 62e4f9953..4ac4754dc 100644 --- a/doc/language_issues.it +++ b/doc/language_issues.it @@ -911,11 +911,13 @@ WARNING: untranslated string: crypto warning = Cryptographic warning WARNING: untranslated string: dangerous = Dangerous WARNING: untranslated string: default IP address = Default IP Address WARNING: untranslated string: desired = Desired +WARNING: untranslated string: dhcp deny known clients: = Deny known clients: WARNING: untranslated string: dhcp dns enable update = Enable DNS Update (RFC2136): WARNING: untranslated string: dhcp dns key name = Key Name WARNING: untranslated string: dhcp dns update = DNS Update WARNING: untranslated string: dhcp dns update algo = Algorithm WARNING: untranslated string: dhcp dns update secret = Secret +WARNING: untranslated string: dhcp valid range required when deny known clients checked = Valid range required when "Deny known clients:" is checked WARNING: untranslated string: disable = Disable WARNING: untranslated string: disconnected = Disconnected WARNING: untranslated string: dl client arch insecure = Download insecure Client Package (zip) diff --git a/doc/language_issues.pl b/doc/language_issues.pl index 9f62f03f2..2cd36a5a1 100644 --- a/doc/language_issues.pl +++ b/doc/language_issues.pl @@ -886,11 +886,13 @@ WARNING: untranslated string: dh key move failed = Diffie-Hellman parameters mov WARNING: untranslated string: dh key warn = Creating DH-parameters with a length of 2048 bits takes up to several minutes. Lengths of 3072 or 4096 bits might needs several hours. Please be patient. WARNING: untranslated string: dh key warn1 = For weak systems or systems with little entropy, it is recommended to upload long Diffie-Hellman parameters by usage of the upload function. WARNING: untranslated string: dh parameter = Diffie-Hellman parameters +WARNING: untranslated string: dhcp deny known clients: = Deny known clients: WARNING: untranslated string: dhcp dns enable update = Enable DNS Update (RFC2136): WARNING: untranslated string: dhcp dns key name = Key Name WARNING: untranslated string: dhcp dns update = DNS Update WARNING: untranslated string: dhcp dns update algo = Algorithm WARNING: untranslated string: dhcp dns update secret = Secret +WARNING: untranslated string: dhcp valid range required when deny known clients checked = Valid range required when "Deny known clients:" is checked WARNING: untranslated string: disable = Disable WARNING: untranslated string: disconnected = Disconnected WARNING: untranslated string: dl client arch insecure = Download insecure Client Package (zip) diff --git a/doc/language_issues.ru b/doc/language_issues.ru index 5d16e0b18..a333d9939 100644 --- a/doc/language_issues.ru +++ b/doc/language_issues.ru @@ -888,11 +888,13 @@ WARNING: untranslated string: dh key move failed = Diffie-Hellman parameters mov WARNING: untranslated string: dh key warn = Creating DH-parameters with a length of 2048 bits takes up to several minutes. Lengths of 3072 or 4096 bits might needs several hours. Please be patient. WARNING: untranslated string: dh key warn1 = For weak systems or systems with little entropy, it is recommended to upload long Diffie-Hellman parameters by usage of the upload function. WARNING: untranslated string: dh parameter = Diffie-Hellman parameters +WARNING: untranslated string: dhcp deny known clients: = Deny known clients: WARNING: untranslated string: dhcp dns enable update = Enable DNS Update (RFC2136): WARNING: untranslated string: dhcp dns key name = Key Name WARNING: untranslated string: dhcp dns update = DNS Update WARNING: untranslated string: dhcp dns update algo = Algorithm WARNING: untranslated string: dhcp dns update secret = Secret +WARNING: untranslated string: dhcp valid range required when deny known clients checked = Valid range required when "Deny known clients:" is checked WARNING: untranslated string: disable = Disable WARNING: untranslated string: disconnected = Disconnected WARNING: untranslated string: disk access = Disk Access diff --git a/doc/language_issues.tr b/doc/language_issues.tr index 26530a923..a080ee54f 100644 --- a/doc/language_issues.tr +++ b/doc/language_issues.tr @@ -894,6 +894,8 @@ WARNING: untranslated string: crypto warning = Cryptographic warning WARNING: untranslated string: dangerous = Dangerous WARNING: untranslated string: default IP address = Default IP Address WARNING: untranslated string: desired = Desired +WARNING: untranslated string: dhcp deny known clients: = Deny known clients: +WARNING: untranslated string: dhcp valid range required when deny known clients checked = Valid range required when "Deny known clients:" is checked WARNING: untranslated string: disable = Disable WARNING: untranslated string: disconnected = Disconnected WARNING: untranslated string: dns check servers = Check DNS Servers diff --git a/doc/language_missings b/doc/language_missings index 12e341402..ad70d5241 100644 --- a/doc/language_missings +++ b/doc/language_missings @@ -222,11 +222,13 @@ < desired < details < dh +< dhcp deny known clients: < dhcp dns enable update < dhcp dns key name < dhcp dns update < dhcp dns update algo < dhcp dns update secret +< dhcp valid range required when deny known clients checked < dh key move failed < dh key warn < dh key warn1 @@ -962,6 +964,8 @@ < autonomous system < bewan adsl pci st < bewan adsl usb +< dhcp deny known clients: +< dhcp valid range required when deny known clients checked < dns enable safe-search youtube < g.dtm < g.lite @@ -1061,11 +1065,13 @@ < dangerous < default IP address < desired +< dhcp deny known clients: < dhcp dns enable update < dhcp dns key name < dhcp dns update < dhcp dns update algo < dhcp dns update secret +< dhcp valid range required when deny known clients checked < disable < Disabled < disconnected @@ -1945,11 +1951,13 @@ < desired < details < dh +< dhcp deny known clients: < dhcp dns enable update < dhcp dns key name < dhcp dns update < dhcp dns update algo < dhcp dns update secret +< dhcp valid range required when deny known clients checked < dh key move failed < dh key warn < dh key warn1 @@ -2822,11 +2830,13 @@ < desired < details < dh +< dhcp deny known clients: < dhcp dns enable update < dhcp dns key name < dhcp dns update < dhcp dns update algo < dhcp dns update secret +< dhcp valid range required when deny known clients checked < dh key move failed < dh key warn < dh key warn1 @@ -3568,6 +3578,8 @@ < dangerous < default IP address < desired +< dhcp deny known clients: +< dhcp valid range required when deny known clients checked < disable < Disabled < disconnected diff --git a/html/cgi-bin/dhcp.cgi b/html/cgi-bin/dhcp.cgi index 8c57c675d..2ebdde818 100644 --- a/html/cgi-bin/dhcp.cgi +++ b/html/cgi-bin/dhcp.cgi @@ -74,6 +74,7 @@ foreach my $itf (@ITFs) { $dhcpsettings{"DNS_UPDATE_KEY_NAME_${itf}"} = ''; $dhcpsettings{"DNS_UPDATE_KEY_SECRET_${itf}"} = ''; $dhcpsettings{"DNS_UPDATE_KEY_ALGO_${itf}"} = ''; + $dhcpsettings{"DENY_KNOWN_CLIENTS_${itf}"} = 'off'; } $dhcpsettings{'SORT_FLEASELIST'} = 'FIPADDR'; @@ -175,9 +176,16 @@ if ($dhcpsettings{'ACTION'} eq $Lang::tr{'save'}) { } } + if ($dhcpsettings{"DENY_KNOWN_CLIENTS_${itf}"} eq 'on') { + if (($dhcpsettings{"START_ADDR_${itf}"}) eq '' && ($dhcpsettings{"END_ADDR_${itf}"}) eq '') { + $errormessage = "DHCP on ${itf}: " . $Lang::tr{'dhcp valid range required when deny known clients checked'}; + goto ERROR; + } + if (!($dhcpsettings{"DEFAULT_LEASE_TIME_${itf}"} =~ /^\d+$/)) { $errormessage = "DHCP on ${itf}: " . $Lang::tr{'invalid default lease time'} . $dhcpsettings{'DEFAULT_LEASE_TIME_${itf}'}; goto ERROR; + } } if (!($dhcpsettings{"MAX_LEASE_TIME_${itf}"} =~ /^\d+$/)) { @@ -548,6 +556,7 @@ foreach my $itf (@ITFs) { my %checked=(); $checked{'ENABLE'}{'on'} = ( $dhcpsettings{"ENABLE_${itf}"} ne 'on') ? '' : "checked='checked'"; $checked{'ENABLEBOOTP'}{'on'} = ( $dhcpsettings{"ENABLEBOOTP_${itf}"} ne 'on') ? '' : "checked='checked'"; + $checked{'DENY_KNOWN_CLIENTS'}{'on'} = ( $dhcpsettings{"DENY_KNOWN_CLIENTS_${itf}"} ne 'on') ? '' : "checked='checked'"; if ($netsettings{"${itf}_DEV"} ne '' ) { # Show only defined interface my $lc_itf=lc($itf); @@ -563,6 +572,9 @@ print < $Lang::tr{'end address'} * + + $Lang::tr{'dhcp deny known clients:'} + $Lang::tr{'default lease time'} * @@ -1264,7 +1276,12 @@ sub buildconf { if ($dhcpsettings{"ENABLE_${itf}"} eq 'on' ){ print FILE "subnet " . $netsettings{"${itf}_NETADDRESS"} . " netmask ". $netsettings{"${itf}_NETMASK"} . " #$itf\n"; print FILE "{\n"; - print FILE "\trange " . $dhcpsettings{"START_ADDR_${itf}"} . ' ' . $dhcpsettings{"END_ADDR_${itf}"}.";\n" if ($dhcpsettings{"START_ADDR_${itf}"}); + if ($dhcpsettings{"START_ADDR_${itf}"}) { + print FILE "pool {\n"; + print FILE "\trange " . $dhcpsettings{"START_ADDR_${itf}"} . ' ' . $dhcpsettings{"END_ADDR_${itf}"}.";\n"; + print FILE "\tdeny known-clients;\n" if ($dhcpsettings{"DENY_KNOWN_CLIENTS_${itf}"} eq 'on'); + print FILE " }\n"; # pool + } print FILE "\toption subnet-mask " . $netsettings{"${itf}_NETMASK"} . ";\n"; print FILE "\toption domain-name \"" . $dhcpsettings{"DOMAIN_NAME_${itf}"} . "\";\n"; print FILE "\toption routers " . $netsettings{"${itf}_ADDRESS"} . ";\n"; diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index 2fb46e741..38c9783f8 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -781,6 +781,7 @@ 'dhcp bootp pxe data' => 'Geben Sie optionale BOOTP-PXE-Daten für diese feste Zuordnung ein', 'dhcp configuration' => 'DHCP-Konfiguration', 'dhcp create fixed leases' => 'Feste Zuordnungen erzeugen', +'dhcp deny known clients:' => 'Bekannte Clients verweigern:', 'dhcp dns enable update' => 'DNS-Update nach RFC 2136 aktivieren:', 'dhcp dns key name' => 'Schlüsselname', 'dhcp dns update' => 'DNS-Update', @@ -792,6 +793,7 @@ 'dhcp server' => 'DHCP-Server', 'dhcp server disabled' => 'DHCP-Server deaktiviert. Angehalten.', 'dhcp server enabled' => 'DHCP-Server aktiviert. Starte neu.', +'dhcp valid range required when deny known clients checked' => 'Gültiger Bereich erforderlich, wenn "Bekannte Clients verweigern:" aktiviert ist', 'dhcp-options' => 'DHCP push Optionen', 'dial' => 'Verbinden', 'dial profile' => 'Verbinde mit Profil', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index b5284effa..500913240 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -800,6 +800,7 @@ 'dhcp bootp pxe data' => 'Enter optional bootp pxe data for this fixed lease', 'dhcp configuration' => 'DHCP configuration', 'dhcp create fixed leases' => 'Create fixed leases', +'dhcp deny known clients:' => 'Deny known clients:', 'dhcp dns enable update' => 'Enable DNS Update (RFC2136):', 'dhcp dns key name' => 'Key Name', 'dhcp dns update' => 'DNS Update', @@ -813,6 +814,7 @@ 'dhcp server disabled on blue interface' => 'DHCP server disabled on BLUE interface', 'dhcp server enabled' => 'DHCP server enabled. Restarting.', 'dhcp server enabled on blue interface' => 'DHCP server enabled on BLUE interface', +'dhcp valid range required when deny known clients checked' => 'Valid range required when "Deny known clients:" is checked', 'dhcp-options' => 'DHCP push options', 'dial' => 'Connect', 'dial profile' => 'Connect with profile', diff --git a/langs/nl/cgi-bin/nl.pl b/langs/nl/cgi-bin/nl.pl index 53341a6f8..191a16927 100644 --- a/langs/nl/cgi-bin/nl.pl +++ b/langs/nl/cgi-bin/nl.pl @@ -702,6 +702,7 @@ 'dhcp bootp pxe data' => 'Voer optionele bootp pxe data in voor deze vaste lease', 'dhcp configuration' => 'DHCP configuratie', 'dhcp create fixed leases' => 'Aanmaken vaste leases', +'dhcp deny known clients:' => 'Bekende clients weigeren:', 'dhcp fixed lease err1' => 'Voor een vaste lease moet u het MAC-adres of de hostnaam invoeren, of beide.', 'dhcp fixed lease help1' => 'IP-adressen mogen ook als FQDN worden ingevoerd', 'dhcp mode' => 'DHCP', @@ -710,6 +711,7 @@ 'dhcp server disabled on blue interface' => 'DHCP server uitgeschakeld op de BLAUWE interface', 'dhcp server enabled' => 'DHCP server ingeschakeld. Herstarten.', 'dhcp server enabled on blue interface' => 'DHCP server ingeschakeld op de BLAUWE interface', +'dhcp valid range required when deny known clients checked' => 'Geldig bereik wanneer "Bekende clients weigeren:" is aangevinkt', 'dhcp-options' => 'DHCP push opties', 'dial' => 'Verbind', 'dial profile' => 'Verbind met profile',